Top 20 AML Interview Questions & Model Answers
The Complete Senior-Analyst Reference
AML interviews at Goldman Sachs, JPMorgan, Morgan Stanley, Macquarie, Barclays, TD Securities, BNY, State Street, M&G, and Fidelity International all converge on the same 20 questions. This guide walks through each — with model answers calibrated to senior-analyst, investigator, and FCC interview standards.
Senior AML interviews at Goldman Sachs, JPMorgan, Morgan Stanley, Macquarie, Barclays, TD Securities, BNY, State Street, M&G, Fidelity International, HSBC, and Emirates NBD — whether you’re targeting a senior analyst, investigator, transaction monitoring, FCC officer, or MLRO-track role — converge on a remarkably consistent set of 20 core questions. The questions test five things: (1) framework knowledge, (2) typology fluency, (3) suspicion-threshold judgement, (4) regulatory awareness, and (5) judgement under ambiguity.
This guide walks through all 20 questions with model answers structured the way senior interviewers want to hear them: concept — framework — example — nuance. Each model answer is calibrated to senior-analyst level — if you’re targeting a more junior role, lean on the concept-and-example portion; if you’re targeting a manager-track role, extend the nuance and add governance considerations.
Read each question and the model answer once. Then close the page and try answering each one out loud. Record yourself or practise with AGZIT’s voice-based AI Mock Interview — reading a model answer is not the same as being able to deliver it under interview pressure. The candidates who get the offer are the ones who can structure these answers fluently in 90–120 seconds without notes.
Category 1: Framework & Foundations (Q1–Q5)
What is money laundering and how does it work?
Model answer: “Money laundering is the process of disguising illegally obtained funds as legitimate income. It’s structured around three FATF-defined stages. First, placement — introducing illicit funds into the financial system, typically as cash deposits, asset purchases, or value conversion. Second, layering — obscuring the audit trail through multi-hop transactions, shell companies, offshore structures, or crypto cycling. Third, integration — the funds re-enter the legitimate economy as apparently clean wealth, indistinguishable from lawful income. The UNODC estimates 2–5% of global GDP — roughly $800B–$2T annually — is laundered each year, funding drug trafficking, corruption, terrorism, fraud, and human trafficking.”
What is the difference between AML and KYC?
Model answer: “KYC is a foundational control inside the broader AML programme. KYC captures customer identity, beneficial ownership, nature of business, expected transaction profile, and risk rating. AML is the wider framework: written policies, designated MLRO, training, independent audit, plus CDD, transaction monitoring, investigations, SAR/STR filing, and sanctions controls. KYC outputs become the baseline that transaction monitoring and AML investigations operate against. Without KYC, AML is blind — a deviation alert only has meaning when there’s an expected baseline. CFT runs in parallel as a partner framework targeting terrorism financing specifically; most banks operate combined AML/CFT programmes.”
Walk me through the 5 pillars of an AML programme.
Model answer: “Every regulator expects five mandatory pillars. First, written internal policies, procedures, and controls covering the full customer lifecycle, monitoring, sanctions, record-keeping, and escalation — reviewed annually and approved at Board or senior-committee level. Second, a designated AML compliance officer or MLRO with personal regulatory liability under regimes like UK SMCR, DFSA senior-executive licensing, and Singapore IAC. Third, ongoing training tailored to role, with attendance and completion tracked. Fourth, independent audit or testing by parties outside the first line, conducted annually. Fifth, Customer Due Diligence and the Risk-Based Approach — identification of customer and UBOs, risk rating, ongoing monitoring, and periodic review.”
What is the Risk-Based Approach and why does it matter?
Model answer: “The Risk-Based Approach is FATF Recommendation 1’s core principle — compliance resources, controls, and scrutiny must be allocated in proportion to assessed risk, not uniformly across all customers. In practice, that means I score every customer across six factors — customer type, geography, product, delivery channel, transaction profile, and industry — to produce a risk rating. The rating drives concrete decisions: CDD depth, whether EDD is required, approval level, periodic review frequency, and monitoring thresholds. RBA also operates at programme level through the Enterprise Risk Assessment, which drives how the bank allocates headcount, tooling, and senior attention across the entire customer book. Before 2012, regulation was rules-based — everyone got the same checks. FATF moved to RBA so compliance effort could concentrate where money-laundering risk actually is.”
What are the major global AML regulators?
Model answer: “FATF sets the global standard with its 40+9 Recommendations and grey-list/black-list designations. National regulators include FinCEN in the US under the Bank Secrecy Act, FCA in the UK under MLR 2017, OFSI for UK sanctions, the EU’s 6AMLD harmonised framework with AMLA enforcing from 2026, DFSA and ADGM for the UAE free zones plus FIU.ae federally, MAS in Singapore via Notice 626, HKMA in Hong Kong via AMLO, FINTRAC in Canada, and RBI plus FIU-IND in India. Each operates its own SAR/STR pipeline. The MLRO at a tier-1 bank typically interfaces with multiple FIUs depending on the bank’s legal-entity footprint.”
Category 2: Typologies & Red Flags (Q6–Q10)
Name 5 money-laundering typologies and explain how each works.
Model answer: “Structuring or smurfing — multiple sub-threshold deposits to evade reporting limits. Trade-based laundering — over-invoicing, under-invoicing, or phantom shipments to move value across borders under the cover of legitimate trade. Shell-company layering — wire transfers through multiple substance-free entities in secrecy jurisdictions to obscure origin. Funnel accounts — multiple geographic inputs consolidated into a single account with rapid outbound movement, classic layering pattern. Crypto-to-fiat cycling — funds moved through mixers, chain-hopping, peel chains, then cashed out via compliant or non-compliant exchanges. Each typology has its own red-flag indicators and is documented in FATF typology studies plus FinCEN, FCA, and FIU advisory alerts.”
What is structuring and why is it a red flag?
Model answer: “Structuring is the practice of breaking transactions into amounts deliberately below regulatory reporting thresholds — for example, multiple cash deposits between $9,000 and $9,999 in the US to avoid the $10,000 CTR threshold, or in India multiple deposits between ₹48,000 and ₹49,500 to stay below the ₹50,000 reporting trigger. It’s a red flag because the pattern itself is evidence of intent to evade detection — a legitimate customer has no commercial reason to break a single deposit into 50 sub-threshold ones. Structuring is itself a predicate offence under the BSA, POCA, and equivalent regimes — you don’t need to prove the underlying funds are illicit to file a SAR on the structuring pattern alone.”
What is trade-based money laundering?
Model answer: “Trade-based laundering uses commercial trade transactions to move illicit value across borders while disguising the flow as legitimate commerce. The most common patterns are over-invoicing — importing goods at inflated prices to send value out to a foreign supplier — and under-invoicing — exporting goods at deflated prices to leave value with a foreign buyer. Other variants include phantom shipments where no goods actually move, multiple-invoicing of the same shipment, and falsified Bills of Lading. FATF’s 2006 TBML Red Flags study and FinCEN advisory FIN-2010-A001 are the standard reference frameworks. TBML is particularly hard to detect because the cover story — an import or export — is itself a legitimate banking activity.”
What red flags would make you suspicious in transaction monitoring?
Model answer: “Several recurring patterns. Volume or velocity sharply inconsistent with the customer’s declared profile. Geographic concentration of inbound or outbound flows in FATF grey- or black-list jurisdictions. Sudden activation of dormant accounts followed by rapid out-flow. Sub-threshold deposit patterns indicating structuring. Funnel-account patterns with multi-jurisdictional inbound and same-day outbound consolidation. Round-number or repetitive-amount patterns. Unexplained third-party originators inconsistent with declared counterparties. Cash-intensity disproportionate to declared NOB. New high-risk-jurisdiction counterparty activation with material volume. Each red flag triggers Level 1 investigation; combined or escalating patterns drive Level 2 escalation and potentially SAR filing.”
How would you investigate a high-volume cash-deposit pattern?
Model answer: “I’d work through five steps. First, pull the KYC baseline — declared NOB, expected cash volume, customer risk rating. Second, compare actual cash activity against expected over a meaningful window, typically 60–90 days. Third, examine the deposit-pattern shape — are amounts sub-threshold, are they timed to evade weekly aggregation, are they geographically clustered? Fourth, run a refreshed adverse-media check and PEP screening on the customer and any UBOs. Fifth, where the activity cannot be reconciled to the declared business, escalate to Level 2 with a case file showing baseline, deviation, reconciliation attempts, and pattern alignment with structuring or cash-intensive-business typology. If reconciliation continues to fail, the threshold for SAR filing is met and the file moves to Level 3.”
Category 3: Suspicion Threshold & SAR Filing (Q11–Q14)
What is the threshold for filing a SAR?
Model answer: “The threshold is reasonable suspicion — not proof, not probable cause, not beyond reasonable doubt. The exact wording varies: FinCEN says ‘knows, suspects, or has reason to suspect’; UK POCA says ‘knows or suspects, or has reasonable grounds for knowing or suspecting’; FATF and most national regimes converge on similar language. The bank’s role is to surface the signal — investigation is the FIU’s job. Practically, I apply four tests: is the activity inconsistent with KYC baseline; have I made reasonable reconciliation attempts that have failed; does the pattern align with a recognised typology; and is there adverse-media or screening context that reinforces the suspicion. If three or four are affirmative, the threshold is met and I file.”
Walk me through how you’d structure a SAR narrative.
Model answer: “Seven-section structure. First, subject information — legal name, aliases, DOB, nationality, identifiers, UBOs if entity. Second, account and relationship summary — account numbers, opening date, declared NOB, customer risk rating, prior SARs. Third, factual sequential activity description — dates, amounts, currencies, counterparties, originators, beneficiaries, no adjectives or speculation. Fourth, typology mapping — which recognised typology the activity matches, with FATF or FIU advisory reference. Fifth, why suspicion was formed — expected vs observed, reconciliation attempts, why they failed, pattern alignment. Sixth, the bank’s actions — escalation, EDD refresh, risk re-rating, account restrictions. Seventh, supporting evidence index. The narrative reads like a case file, not a memo.”
What is tipping-off and why does it matter?
Model answer: “Tipping-off is the criminal offence of informing the subject of a SAR that a SAR has been filed, or disclosing information that might prejudice a law-enforcement investigation. Under POCA in the UK, BSA in the US, 6AMLD in the EU, and equivalent regimes globally, tipping-off carries individual criminal liability. It shapes how banks communicate with customers post-SAR. Generic exit wording (‘the bank has decided to discontinue the relationship’) is permitted; saying the account is closed because of an AML investigation is not. Operational delays or RM behaviour that signal investigation can themselves constitute tipping-off. Most tier-1 banks ring-fence SAR-specific information away from RMs precisely to manage this risk.”
What is defensive filing and why is it a problem?
Model answer: “Defensive filing is filing SARs reflexively to protect the institution from regulatory criticism, regardless of whether the underlying facts genuinely meet the suspicion threshold. The pattern shows up as high SAR volume with low specificity in narratives. It’s a problem because it dilutes FIU analytical capacity — investigators are drowning in low-quality reports while genuine intelligence gets buried — and regulators specifically look for it as a programme weakness. FinCEN, FCA, MAS, and FATF all publish guidance on it. The fix is investigator training on suspicion-threshold judgement, SAR quality as a KPI alongside volume, and senior review samples assessing narrative specificity, not just count.”
Category 4: Sanctions, PEP & Screening (Q15–Q17)
What is the difference between sanctions screening and PEP screening?
Model answer: “Sanctions screening checks customers, beneficial owners, and counterparties against designated sanctions lists — OFAC SDN in the US, OFSI Consolidated List in the UK, EU sanctions, UN sanctions, plus national lists. A sanctions match is a hard block: you cannot open or maintain the relationship without specific licensing. PEP screening identifies politically exposed persons — FATF R12 covers Foreign PEPs (always high-risk), Domestic PEPs (risk-based), International Organisation PEPs, plus all RCAs. A PEP match doesn’t block the relationship but triggers EDD — full SoW, senior approval, enhanced monitoring, annual review. Both run continuously, not just at onboarding, because designation status changes and PEP appointments happen mid-relationship.”
How do you handle a partial match in sanctions screening?
Model answer: “A partial match isn’t a clearance. I work through secondary identifiers — date of birth, nationality, country of birth, current address, occupation, photograph if available, known family members. My bank’s policy requires at least two independent identifiers that disagree before clearing a partial sanctions match as a false positive. If only one identifier disagrees and the severity is high — a Foreign PEP or sanctioned party — I escalate rather than clear. Every clearance is documented with the specific identifiers that disagreed; the rationale memo is retained in the audit trail. If a pattern is likely to recur, I add the customer-to-alert pairing to the known-cleared list with a future re-audit date. I never clear a sanctions alert without documented rationale.”
What is adverse media screening and why does it matter?
Model answer: “Adverse media screening is the systematic monitoring of news, regulatory actions, court records, and investigative journalism for negative information about customers, UBOs, directors, and key counterparties. It catches risk signals before they become sanctions or formal enforcement — the 1MDB scandal, FinCEN Files, Panama Papers, Pandora Papers all surfaced in investigative press long before regulatory action. Sanctions and PEP lists are lagging indicators; adverse media is leading. I work with a five-tier source hierarchy — regulatory and court at Tier 1, tier-1 financial press and ICIJ at Tier 2, local mainstream press at Tier 3, trade press at Tier 4, user-generated content at Tier 5. For high-risk customers, multi-language coverage is mandatory because actionable findings often appear in local-language press months before English coverage catches up.”
Category 5: Judgement & Career Scenarios (Q18–Q20)
What would you do if a Relationship Manager pushed back on an EDD escalation?
Model answer: “RM commercial pressure on EDD escalation is a recurring pattern in enforcement findings at tier-1 banks — it’s exactly what regulators look for during reviews. My approach: stay factual and document everything. I’d explain the specific risk factors that triggered the EDD — PEP exposure, complex structure, jurisdictional risk, adverse media, whatever the trigger is — and the regulatory basis under FATF R12 or R19 or the bank’s own RBA policy. If the RM still pushed back, I’d escalate to my Team Lead and ultimately senior compliance. Senior compliance has a specific role to resist this kind of pressure. The decision to maintain a relationship in a high-risk category requires senior compliance approval — the named approver carries personal regulatory liability under SMCR and equivalent regimes — not RM commercial preference.”
Tell me about a time you identified something others missed.
Model answer (template — adapt with your real example): “[Describe a real case where you found a UBO control path others missed, identified an RCA via family tree, traced a layered structure others stopped at, or surfaced an adverse-media hit that wasn’t captured by automated screening.] Walk through: what triggered your investigation (a small inconsistency, a screening hit, a routine review), what you found (be specific about the actual finding), what you did about it (escalation, additional documentation, senior approval), what the outcome was (risk re-rating, EDD refresh, SAR, recognition from team lead). Frame around your judgement, not luck.”
Where do you see your AML / KYC career in 5 years?
Model answer: “I’m thinking about it on two tracks. Near-term, I want to deepen execution capability across CDD, EDD, screening disposition, and SAR-quality investigation work — the foundation for moving into Senior Analyst and Team Lead roles. Five years out, I see myself in a Manager or governance role where I own QA, calibration, and approval judgement on the toughest files — complex structures, Foreign PEPs, HNW private banking, VASP relationships. Beyond that, the path goes into Director-level FCC roles or eventually MLRO track, depending on where the strongest opportunities are. I’m matching credentials to the role I want — KYC-specific credentials like GO-AKS or IR-KAM if I’m staying on the KYC governance track, AML-focused credentials if I move toward investigations or transaction monitoring leadership.”
How to Practise These Answers
Reading 20 model answers is a starting point. The candidates who get senior offers can deliver each one out loud, in 90–120 seconds, without notes — with the structure, examples, and nuance the senior interviewer is listening for. That delivery quality only comes from active practice.
Week 1: Read all 20 questions and model answers carefully. Write your own version of each in your own words. Don’t memorise — rebuild.
Week 2: Practise out loud, alone or with a peer, focusing on Categories 1–2 (Framework + Typologies). Time yourself — aim for 90–120 seconds per answer.
Week 3: Categories 3–5 (SAR/Suspicion + Screening + Judgement). Use AGZIT’s voice-based AI Mock Interview to simulate the pressure of senior interviewer flow.
Week 4: Full-flow mocks combining questions across all 5 categories. Review the 10-dimension Scorecard from each AGZIT mock to identify weak spots.
Choosing the Right Credential for Your Target Role
If your target role is genuinely AML — transaction monitoring analyst, alert investigator, SAR/STR filer, financial-crime programme officer, MLRO track — an AML-focused credential like CAMS fits because that’s exactly the kind of work it was built around. If your target role is pure KYC — onboarding, CDD, EDD, UBO tracing, screening disposition, periodic review — KYC-specific credentials convert faster into KYC interviews because they signal direct role match: GO-AKS (Globally Certified KYC Specialist), IKYCA (Internationally Certified KYC Specialist), IR-KAM (Internationally Certified KYC Manager). For crypto / VASP roles: C2KO (Certified Crypto KYC Officer), C3O (Certified Crypto Compliance Officer), C2AO (Certified Crypto AML Officer). The common mistake is defaulting to CAMS by reputation when targeting KYC roles, or over-pursuing KYC credentials when targeting AML investigation roles. Pick by role match.
Related Reading
- Top 100 KYC Interview Questions & Model Answers
- AML Explained: What Anti-Money Laundering Actually Is
- Transaction Monitoring Explained
- STR / SAR Filing Explained
- Top 25 AML Red Flags Every KYC Professional Must Know
- High-Risk Customers in KYC: The 9 Categories
- The Risk-Based Approach (RBA) in KYC
- The Complete KYC Resume Guide
Practise All 20 Out Loud — Win Senior AML Offers
Senior AML interviews at Goldman Sachs, JPMorgan, Morgan Stanley, Macquarie, Barclays, TD Securities, BNY, State Street, M&G, Fidelity International, and HSBC test these 20 questions consistently. Practise each one out loud on AGZIT’s voice-based AI Mock Interview — with a 10-dimension Scorecard after every session.
ATS Resume Builder
Voice-based
10-dimension
Coaching
Elevator pitch
DPR-based
30-day roadmap
Silver/Gold/Platinum
Trusted by KYC candidates targeting roles in Mumbai · Dubai · London · New York · Toronto · Singapore